0P3N Blog

Cybrary’s Open Blog is a user contributed cybersecurity knowledge base that brings together content highlighting the latest tools, exploits, technologies and insights in the industry.

Using No Redirect Plugins to Defeat 302 Redirect Headers
By: baphomet1488
March 10, 2017

Naturally, the first question you may have would be WHY would you want to Defeat a 302 Redirect Header? A 302 Redirect header is designed to direct a browser away from locations on a website that the Administrators do not want you to access. These can be things such as configuration files that contain sensitive data, or even the CMS ...

Kerberos Authentication on Linux
By: Tamas Szucs
March 10, 2017

Description of the solution Kerberos authentication can log in to the Linux host with Samba, Winbind and Kerberos client. Configure Linux host 1. Install Kerberos client, Winbind, samba, sudo and ntp ...

The WikiLeaks Just Keep Dripping
By: rcubed
March 9, 2017

Table of Contents: 1.  What's in the vault? 2.  Hacking the endpoint is where it's at. 3.  Who done it? 4.  Ethical issues.  This past Tuesday (March 7, 2017), the internet’s online library of cool stuff, WikiLeaks, published the first of what it promises to be many more materials related ...

Using CMS Upload and Tamper Data to Obtain Administrative Access to a Webserver
By: baphomet1488
March 9, 2017

So, you've done it. You have either successfully bypassed a CMS login or used SQL injection to obtain usernames and password hashes to the CMS and have decrypted the hashes. You are inside the system. What do you do now? The next logical step is privilege escalation. I like to use the WSO.php backdoor to obtain further access. (Shell is located ...

How to Block Websites and Proxy Bypasses
By: Suminder Singh
March 9, 2017

Hello guys! This tutorial is intended for Network Engineers and Administrators on small computer networks. I'm back again with new tricks and tutorial. In this tutorial, I'm going to show you how to block a social website and adult website on your network. I know you have many techniques to block it, but there is more than one way ...

How to get Secure Coding Certified
By: Olivia
March 8, 2017

Hopefully the answer to the question, “How do I get _ certified?” is becoming clearer with each post I write. You may or may not have realized that the certification catalog is continuing to grow, with some of the newest certifications, SQL Injection and Cross-site Scripting, falling into the category of vulnerability specific certifications. ...

Role Technology: Healthcare
By: Rachel Laura M
March 8, 2017

When dealing with a health problem, gone are the days when we had to make many phone calls, ask a lot of questions and then wait for a doctor or other medical professional to follow up with us. Today, when it comes to managing our health, the Internet is our number #1 source of information. Consider this: in a 2004 ...

CIA Triad [Confidentiality, Integrity and Availability]
By: nirmalrijal
March 8, 2017

Confidentiality: Confidentiality means protecting sensitive information from disclosure to unauthorized parties, which refers to providing the information to the right user and protecting it from the wrong user or hacker. Integrity: Integrity means the information is precise and solid and has not been quietly changed or messed with by an unknown or unapproved party. ...

How to Create an Encrypted Container in Linux for Cloud Storage
By: NickTh
March 8, 2017

How to Create an Encrypted Container in Linux to Use on Cloud Storage Services Greetings Cybrarians. This is my first publication, and we will learn how to secure our content when we are using a third party service for Cloud Storage (i.e. Dropbox). We can use this technique for local encryption too. Of course, we have to know that the best solution ...

Harassment in IT: Are things any better 40 years later?
By: rcubed
March 7, 2017

Several high-profile sexual harassment cases in recent years serve as a reminder of how far the tech industry has yet to advance with regard to the fair treatment of women in the workplace. Truth be told, it’s a pervasive problem in our culture that extends well beyond the IT field; however, the problem is particularly acute in IT due to ...